Home Page Icon
Home Page
Table of Contents for
The Cybersecurity Playbook for Modern Enterprises
Close
The Cybersecurity Playbook for Modern Enterprises
by Jeremy Wittkop
The Cybersecurity Playbook for Modern Enterprises
The Cybersecurity Playbook for Modern Enterprises
Contributors
About the author
About the reviewer
Preface
Section 1 – Modern Security Challenges
Chapter 1: Protecting People, Information, and Systems – a Growing Problem
Chapter 2: The Human Side of Cybersecurity
Chapter 3: Anatomy of an Attack
Section 2 – Building an Effective Program
Chapter 4: Protecting People, Information, and Systems with Timeless Best Practices
Chapter 5: Protecting against Common Attacks by Partnering with End Users
Chapter 6: Information Security for a Changing World
Section 3 – Solutions to Common Problems
Chapter 7: Difficulty Securing the Modern Enterprise (with Solutions!)
Chapter 8: Harnessing Automation Opportunities
Chapter 9: Cybersecurity at Home
Answers
Other Books You May Enjoy
Search in book...
Toggle Font Controls
Playlists
Add To
Create new playlist
Name your new playlist
Playlist description (optional)
Cancel
Create playlist
Sign In
Email address
Password
Forgot Password?
Create account
Login
or
Continue with Facebook
Continue with Google
Sign Up
Full Name
Email address
Confirm Email Address
Password
Login
Create account
or
Continue with Facebook
Continue with Google
Prev
Previous Chapter
The Cybersecurity Playbook for Modern Enterprises
Next
Next Chapter
Preface
Table of Contents
Preface
Section 1 – Modern Security Challenges
Chapter 1
: Protecting People, Information, and Systems – a Growing Problem
Why cybercrime is here to stay – a profitable business model
The macro-economic cost of cybercrime
The global cost of identity theft
Intellectual property and Western economies
Micro-level impacts and responses to cybercrime
The role of governments and regulation
Industry regulation
The growing need for data privacy regulation
Data sovereignty regulations
Workers' councils
The foundational elements of security
People
Information
Systems
The cybersecurity talent shortage
Summary
Check your understanding
Further reading
Chapter 2
: The Human Side of Cybersecurity
People exploiting people
Social engineering techniques
Stealing credentials
Malicious software
The three types of insider threats
Well-meaning insiders
Compromised accounts
Malicious insiders
Summary
Check your understanding
Further reading
Chapter 3
: Anatomy of an Attack
Understanding the risk from targeted attacks
Organized crime
State-sponsored actors and military operations
Hacktivists and terrorists
Insider threats
Risk treatment planning
Stages of an attack
Extortion
Gaining access to target systems
Installing malicious software
Spreading the infection
Notifying the victim and making demands
Stealing information
Identifying what to steal
Gaining access to information
Aggregating information
Exfiltrating information
Generating economic benefit
System disruption or destruction
Attacks on critical infrastructure
Revenge attacks
Cyber weapons of war
Attackers for hire
Dark web forums
Malware as a Service
Summary
Check your understanding
Further reading
Section 2 – Building an Effective Program
Chapter 4
: Protecting People, Information, and Systems with Timeless Best Practices
The most important threat vector
Email attacks by the numbers
Types of email-based attacks
Time-honored best practices that could stop most breaches
Concept of Least Privilege
Need to Know
Role-Based Access Control
Identity Management
Vulnerability management and patching
Capabilities necessary in the remote world
Factors of authentication
Why your password is meaningless
Multifactor authentication
Network segmentation
Allowed applications
The role of human behavior
Behavior analysis for authentication
Behavior analysis for anomaly detection
Adaptive security in human behavior
The everything, everywhere world
Summary
Check your understanding
Further reading
Chapter 5
: Protecting against Common Attacks by Partnering with End Users
A framework for effective training
Frequency
Content
Scope
Making your people your partners
Making people active participants
Simulations are better than presentations
Educating about data
Training people to protect against common hacking techniques
Social engineering awareness
Phishing training and prevention
Technologies supporting people
Tabletop exercises
Summary
Check your understanding
Further reading
Chapter 6
: Information Security for a Changing World
Frames of reference
Military connection
Security triumvirates
Challenges with the traditional information security model
Protecting information
Challenges of information protection
Protecting information is a critical capability
Mapping data flows
Cross-functional collaboration
Securing networks and workloads – past, present, and future
Securing networks
Securing cloud workloads
Securing identities and granting access
Verifying identities
Granting access
Permissions accumulation
Human behavior
Securing endpoints
Summary
Check your understanding
Further reading
Section 3 – Solutions to Common Problems
Chapter 7
: Difficulty Securing the Modern Enterprise (with Solutions!)
Cybersecurity talent shortage
Not enough people!
Services can help!
Automation
Too much technology with too little process
Console whiplash
Siloed programs
Lack of business involvement
What are we trying to accomplish?
Cyber risk is business risk
Risk treatment planning
Looking for material risk factors
Lack of continuing education
The pace of change
Updating certain skills
Applying timeless concepts
Summary
Check your understanding
Further reading
Chapter 8
: Harnessing Automation Opportunities
Defining automation opportunities
A brief introduction to finance
Mapping a task by its cost basis
Documenting manual processes
Automating processes
Gathering data and applying context
Ethics in AI
Testing the system
The confusion matrix
Hybrid implementations
How attackers can leverage automation
Summary
Check your understanding
Further reading
Chapter 9
: Cybersecurity at Home
Protecting children and teaching them about online safety
The permanence of social media
The truth behind the façade
The danger lurking online
Password managers
Multifactor authentication
Password complexity and why it matters
Stop publishing your information!
Scraping
Summary
Check your understanding
Further reading
Answers
Chapter 1
Chapter 2
Chapter 3
Chapter 4
Chapter 5
Chapter 6
Chapter 7
Chapter 8
Chapter 9
Why subscribe?
Other Books You May Enjoy
Add Highlight
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click
here
login for view all page.
Day Mode
Cloud Mode
Night Mode
Reset